Managing Windows Virtual Desktops on CloudPlatform with a Web App

Background

Provisioning involves creating the virtual desktop that an end user will access. XenDesktop automates this process, and it has first class support for CloudPlatform. Moreover, XenDesktop allows server Windows operating systems to be used to host the virtual desktop, which offers licensing benefits key to the service provider business model.

Broker services are used to match an end user with a virtual desktop. The end user cannot know in advance the IP address or domain name of an available desktop. Thus, users need a brokering service to assign them a desktop and establish a remote access connection. For remote access, XenDesktop uses the HDX Protocol.

Problem

Service providers require a consumer-grade alternative to the XenDesktop management GUI.

Normally, virtual desktops are managed using the Citrix Studio GUI. Citrix Studio offers enterprise-grade functionality. Enterprises expect a broad range of capabilities and tools that support their workflows.

In contrast, cloud service providers often look for a consumer-grade experience with a limited range of options in order to minimise the training and support required for the GUI. Quick on boarding and self-service provisioning allow cloud service providers to minimize their headcount. Therefore, a self-service management console suitable for customers unfamiliar with XenDesktop is required.

Solution

The functionality exposed by the XenDesktop PowerShell SDK allows a service provider to write a simple web app for self-service desktop management.

To demonstrate this capability, we have posted the source code of an example on the Citrix Developer Exchange GitHub site under MIT License. Service providers are welcome to use the project as a starting point for their development effort.

Our example web app is built on the Microsoft ASP.NET MVC web application framework, which allows it to be installed alongside a XenDesktop controller. The front end is written using Twitter’sBootstrap, which allows it to be accessed from a browser running on a variety of screen sizes and devices. The back end makes use of the XenDesktop PowerShell SDK to access provisioning and desktop management capabilities. To provide a simple user experience, the workflows have been greatly simplified. Creating a group of desktops and assigning them to users is a single operation, and the options are greatly limited. The result is an easy to use interface, as shown in the figure below.

Benefits

The scripts used to control XenDesktop are easily updated. The web app uses PowerShell scripts to access XenDesktop functionality. These scripts are based on macros generated by Citrix Studio. Whenever an operation is executed in Citrix Studio, the corresponding XenDesktop PowerShell commands are recorded for the user to copy and paste. Therefore, the service provider can use Citrix Studio to generate new scripts that expose additional XenDesktop functionality.

The web app uses XenDesktop’s security model. XenDesktop delegated administration is used to limit access to XenDesktop services to specific user accounts. However, a web app will run with the credentials of a relatively unprivileged account. Rather than grant access to this account, the web app requires tenants to log on with their active directory credentials. The web app then uses Windows Impersonation to take on the tenant’s identity when calling XenDesktop PowerShell commands. Therefore, access to XenDesktop can be limited to very specific active directory accounts without difficulty.

In order to avoid database management tasks, the web app is stateless. Rather than require a database of its own, the web app uses XenDesktop metadata to store information. For instance, progress through a provisioning operation is recorded in the metadata associated with the XenDesktop broker catalog being created. Information pulled directly from CloudPlatform, such as the list of valid service offerings and desktop images, is distinguished from other options using tags or by modifying the associated description.

The web app can easily integrate functionality from other Citrix products. For example, a service provider may want to enable tenants to inject their own templates into the cloud. Although XenDesktop does not provide a image management capabilities, CloudPlatform does. The web app has the flexibility to consume these web services, because it is built with C# and the full .NET Framework. Indeed, our sample includes the ability to upload new desktop images. The image below is the upload page for the web app. (NB: before use, the image needs to be domain joined to the tenant’s XenDesktop infrastructure, which has yet to be automated.)

Summary

This post describes an example web app that provides an alternative to Citrix Studio. Using the XenDesktop PowerShell SDK, a consumer-grade GUI for desktop provisioning and management was created. This type of web app is useful to service providers who want to provide their tenants with access to a limited subset of XenDesktop functionality.